package org.ding.config;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

import static org.springframework.security.config.Customizer.withDefaults;

/**
 * @Author: ding
 * @Mail: dingpeng0831@hotmail.com
 * @CreateTime: 2023-03-23  23:57
 * @Description:
 * @Version: 1.0
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity security) throws Exception {
        security
                .authorizeRequests((authz) -> {
                    authz
                            // .antMatchers("index", "/doLogin", "/login", "/login-error", "/401", "/css/**", "/js/**", "/webjars/**", "/asserts/**").permitAll()
                            // .antMatchers("/v1/**").hasRole("admin")
                            .anyRequest()
                            .permitAll();
                    // .authenticated();
                })
                .formLogin(withDefaults())
                .httpBasic(withDefaults())
                .csrf()
                .disable();
        return security.build();
    }
}
